<?php
header('Content-type: text/json;charset=utf-8');//申明格式

require 'vendor/autoload.php';
use Medoo\Medoo;
$app = new Slim\App();

// 初始化数据库连接
$database = new medoo([
    'database_type' => 'sqlite',
    'database_file' => 'test.db'
]);

$ldapconn = ldap_connect("192.168.0.29", 389)
    or die("Could not connect to LDAP server.");  // assuming the LDAP server is on this host

if (ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3)) {
    echo "Using LDAPv3"."<br />;";
} else {
    echo "Failed to set protocol version to 3"."<br />;";
}

$app->get('/register', function ($request, $response, $args) use($app, $ldapconn) {
    $username = $request->getQueryParams()['username'];
    $password = $request->getQueryParams()['password'];
    $group = $request->getQueryParams()['group'];
    if($password == NULL || $username == NULL){
        return $response->write("username or password empty!");
    }

    if($group == NULL){
        $group = "WFMINIO";
    }

    if ($ldapconn) {
        // bind with appropriate dn to give update access
        $r = ldap_bind($ldapconn, "cn=admin,dc=wf,dc=cn", "admin");

        if ($r) {
            echo "LDAP bind successful...";
        } else {
            echo "LDAP bind failed...";
        }
    
        // $username = "phpminio1";
        // $password = "phpminio1";

        $account_base_dn = "ou=Peoples,dc=wf,dc=cn";
        $account_filter = "(cn={$username})";
        $account_read = ldap_search($ldapconn, $account_base_dn, $account_filter);
        $account_info = ldap_get_entries($ldapconn, $account_read);
        if(empty($account_info['count'])){
            $add_entry = array();
            $add_entry['objectclass'][] = 'top';
            $add_entry['objectclass'][] = 'inetOrgPerson';
            // $add_entry['objectclass'][] = 'user';
            $add_entry['objectclass'][] = 'posixAccount';
            // $add_entry['objectclass'][] = 'inetOrgPerson';
            $add_entry['objectclass'][] = 'shadowAccount';
            $add_entry['cn'] = $username;
            $add_entry['uid'] = $username;
            $add_entry['sn'] = $username;
            $add_entry['givenName'] = $username;
            $add_entry['uidNumber'] = 0;
            $add_entry['gidNumber'] = 0;
            $add_entry['homeDirectory'] = "/".$username;
            $add_entry['userpassword'] = "{MD5}".base64_encode(md5($password,true));
            # loginShell: /bin/bash shadowFlag: 0 shadowMin: 0 shadowMax: 99999 shadowWarning: 0 shadowInactive: 99999 shadowExpire: 99999 
            $add_entry['loginShell'] = "/bin/bash";
            $add_entry['shadowFlag'] = 0;
            $add_entry['shadowMin'] = 0;
            $add_entry['shadowMax'] = 99999;
            $add_entry['shadowWarning'] = 0;
            $add_entry['shadowInactive'] = 99999;
            $add_entry['shadowExpire'] = 99999;
            $dn = "uid={$username},ou=Peoples,dc=wf,dc=cn";

            $r = ldap_add($ldapconn, $dn, $add_entry);

            if(!$r){
                return $response->write("create account failed"); 
            }
        }else{
            return $response->write("account exist");
        }

        

        $base_dn = "ou=Groups,dc=wf,dc=cn";
        $filter = "(cn=WFMINIO)";
        $read = ldap_search($ldapconn, $base_dn, $filter);
        $info = ldap_get_entries($ldapconn, $read);
        $user_list = $info[0]["memberuid"];
        var_dump($user_list);
        // prepare data
        $group_entry["cn"] = "WFMINIO";
        for($i = 0; $i < $user_list["count"]; $i++){
        $group_entry["memberuid"][$i] = $user_list[$i];
        }
        $group_entry["memberuid"][$user_list["count"]] = $username;
        $group_dn="cn=WFMINIO,ou=Groups,dc=wf,dc=cn";

        // add data to directory
        
        $t = ldap_modify($ldapconn,$group_dn,$group_entry);
        if(!$t){
            return $response->write("add group failed"); 
        }
        ldap_close($ldapconn);
    } else {
        echo "Unable to connect to LDAP server";
    }

});// GET route  
